CommodityAI maintains comprehensive data security and privacy controls to protect customer information. This document outlines our data storage practices, encryption protocols, compliance certifications, and subprocessor relationships.Documentation Index
Fetch the complete documentation index at: https://docs.commodityai.io/llms.txt
Use this file to discover all available pages before exploring further.
Data Storage
CommodityAI utilizes Amazon Web Services (AWS) for data storage with the following practices:- Infrastructure: All customer data is stored in AWS with encryption at rest and in transit
- Access Controls: Storage access is restricted to authorized services and personnel, with all access logged and audited
- Retention: Enterprise customers may configure custom retention periods or opt for Zero Data Retention (ZDR), where data is automatically purged within 24 hours
- Usage: Customer data is used solely for service delivery. CommodityAI does not use customer data for model training without explicit written consent
Encryption
- At Rest: All stored data is encrypted using AES-256. Keys are managed through AWS Key Management Service (KMS) with automatic rotation
- In Transit: All data transmission uses TLS 1.2 or higher. API communications require HTTPS; unencrypted connections are rejected
Compliance
- SOC 2 Type II: CommodityAI is currently in audit with targeted certification in Q1 2026. Reports will be available upon request under NDA
Subprocessors
| Company | Description | Location |
|---|---|---|
| Amazon Web Services, Inc. | Cloud Infrastructure | United States |
| Microsoft Azure | Cloud Infrastructure | United States |
| Google Cloud | Cloud Infrastructure | United States |
| OpenAI, LLC | Artificial Intelligence | United States |
| Anthropic PBC | Artificial Intelligence | United States |
| Mixpanel, Inc. | Product Analytics | United States |